{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T18:53:34Z","timestamp":1767984814420,"version":"3.49.0"},"reference-count":45,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"11","license":[{"start":{"date-parts":[[2014,11,1]],"date-time":"2014-11-01T00:00:00Z","timestamp":1414800000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61221063"],"award-info":[{"award-number":["61221063"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1301254"],"award-info":[{"award-number":["U1301254"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61103241"],"award-info":[{"award-number":["61103241"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61103240"],"award-info":[{"award-number":["61103240"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["91118005"],"award-info":[{"award-number":["91118005"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"863 High Tech Development Plan","award":["2012AA011003"],"award-info":[{"award-number":["2012AA011003"]}]},{"name":"Application Foundation Research Program of Suzhou","award":["SYG201311"],"award-info":[{"award-number":["SYG201311"]}]},{"name":"Prospective Research Project on Future Networks, Jiangsu Future Networks Innovation Institute"},{"name":"111 International Collaboration Program, China"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2014,11]]},"DOI":"10.1109\/tifs.2014.2357251","type":"journal-article","created":{"date-parts":[[2014,9,11]],"date-time":"2014-09-11T14:38:22Z","timestamp":1410446302000},"page":"1906-1921","source":"Crossref","is-referenced-by-count":24,"title":["DNSRadar: Outsourcing Malicious Domain Detection Based on Distributed Cache-Footprints"],"prefix":"10.1109","volume":"9","author":[{"given":"Xiaobo","family":"Ma","sequence":"first","affiliation":[]},{"given":"Junjie","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Jing","family":"Tao","sequence":"additional","affiliation":[]},{"given":"Jianfeng","family":"Li","sequence":"additional","affiliation":[]},{"given":"Jue","family":"Tian","sequence":"additional","affiliation":[]},{"given":"Xiaohong","family":"Guan","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","first-page":"6","article-title":"On the potential of proactive domain blacklisting","author":"felegyhazi","year":"2010","journal-title":"Proceedings of the 2nd USENIX Conference on Large-scale Exploits and Emergent Threats Botnets Spyware Worms and More"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/1557019.1557153"},{"key":"ref33","year":"2014","journal-title":"Alexa"},{"key":"ref32","year":"2014","journal-title":"CLEAN MX Realtime Database"},{"key":"ref31","year":"2014","journal-title":"Hosts File"},{"key":"ref30","year":"2014","journal-title":"MALWARE"},{"key":"ref37","first-page":"27","article-title":"Detecting malware domains at the upper DNS hierarchy","author":"antonakakis","year":"2011","journal-title":"Proc 20th USENIX Conf Security"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879148"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068842"},{"key":"ref34","first-page":"446","article-title":"Winning with DNS failures: Strategies for faster botnet detection","author":"yadav","year":"2011","journal-title":"Security Privacy in Commun Netw"},{"key":"ref10","year":"2014","journal-title":"Malbox"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33338-5_10"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.2316\/P.2010.726-020"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-68914-0_2"},{"key":"ref13","article-title":"Corrupted DNS resolution paths: The rise of a malicious resolution authority","author":"dagon","year":"2008","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref14","first-page":"26","article-title":"Towards optimized probe scheduling for active measurement studies","author":"kumar","year":"2011","journal-title":"Proc 6th Int Conf Internet Monitor Protection"},{"key":"ref15","year":"2014","journal-title":"Conficker"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963435"},{"key":"ref17","article-title":"COMPA: Detecting compromised accounts on social networks","author":"egele","year":"2013","journal-title":"Proc ISOC Netw Distrib Syst Secur Symp (NDSS)"},{"key":"ref18","article-title":"RB-seeker: Auto-detection of redirection botnets","author":"hu","year":"2009","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665793"},{"key":"ref28","first-page":"239","article-title":"Understanding belief propagation and its generalizations","author":"yedidia","year":"2003","journal-title":"Exploring Artificial Intelligence in the New Millennium"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/CIT.2007.90"},{"key":"ref27","doi-asserted-by":"crossref","DOI":"10.1093\/acprof:oso\/9780199206650.001.0001","author":"newman","year":"2010","journal-title":"Networks An Introduction"},{"key":"ref3","article-title":"EXPOSURE: Finding malicious domains using passive DNS analysis","author":"bilge","year":"2011","journal-title":"Proc 18th Annu Netw Distrib Syst Secur Symp"},{"key":"ref6","year":"2014","journal-title":"Location-Aware Authoritative DNS Server"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644932"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2010.5762763"},{"key":"ref8","year":"2014","journal-title":"Client IP Information in DNS Requests"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2011.6006028"},{"key":"ref2","first-page":"273","article-title":"Building a dynamic reputation system for DNS","author":"antonakakis","year":"2010","journal-title":"Proc 19th USENIX Conf Security"},{"key":"ref9","year":"2014","journal-title":"Normandy"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/1851307.1851317"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.36"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920283"},{"key":"ref22","year":"2014","journal-title":"McAfee Threat Intelligence"},{"key":"ref21","year":"2013","journal-title":"Avira"},{"key":"ref42","article-title":"BotSniffer: Detecting botnet command and control channels in network traffic","author":"gu","year":"2008","journal-title":"Proc 15th Annu Netw Distrib Syst Security Symp (NDSS)"},{"key":"ref24","year":"2014","journal-title":"DNS-BH Project"},{"key":"ref41","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1109\/WSE.2010.5623562","article-title":"Multilingual web sites: Internationalized domain name homograph attacks","author":"helou","year":"2010","journal-title":"Proc 12th IEEE Int Symp Web Syst Evol (WSE)"},{"key":"ref23","year":"2014","journal-title":"Google Safe Browsing"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2413176.2413217"},{"key":"ref26","first-page":"107","article-title":"Highly predictive blacklisting","author":"zhang","year":"2008","journal-title":"Proc 17th Conf Security Symp"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420969"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/B978-012088469-8.50052-8"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/6912034\/06895259.pdf?arnumber=6895259","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T11:52:28Z","timestamp":1641988348000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/6895259"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,11]]},"references-count":45,"journal-issue":{"issue":"11"},"URL":"https:\/\/doi.org\/10.1109\/tifs.2014.2357251","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,11]]}}}